Job Specifications
About xAI
xAI's mission is to create AI systems that can accurately understand the universe and aid humanity in its pursuit of knowledge.
Our team is small, highly motivated, and focused on engineering excellence. This organization is for individuals who appreciate challenging themselves and thrive on curiosity.
We operate with a flat organizational structure. All employees are expected to be hands-on and to contribute directly to the company's mission. Leadership is given to those who show initiative and consistently deliver excellence. Work ethic and strong prioritization skills are important.
All engineers and researchers are expected to have strong communication skills. They should be able to concisely and accurately share knowledge with their teammates.
About the Role
We are seeking a skilled and innovative Application Security Engineer to join our technology-driven company. In this role, you will be responsible for ensuring the security and integrity of our cloud-native applications and systems throughout the software development lifecycle, with a particular focus on code security, CI/CD pipelines, and emerging AI technologies.
Focus
Conduct in-depth code reviews and static analysis to identify and mitigate security vulnerabilities in our applications
Design and implement secure coding guidelines and best practices for development teams
Collaborate closely with development teams to integrate security practices throughout the CI/CD pipeline
Perform threat modeling and risk assessments for applications, developing mitigation strategies for potential risks
Manage vulnerability tracking and remediation efforts, providing guidance to development teams
Support incident response activities related to application security
Stay current on emerging security threats and trends in cloud-native technologies and AI, continuously enhancing our security measures
Evaluate and secure software supply chains, including producing and maintaining Software Bills of Materials (SBOMs)
Address security concerns specific to AI and machine learning models, with a focus on the OWASP LLM Top 10
Ideal Experience
Bachelor's degree in Computer Science, Cybersecurity, or a related field
3-5 years of experience in application security, with a strong focus on code security practices
Deep understanding of secure coding practices, application security frameworks, and common vulnerabilities (e.g., OWASP Top 10)
Proficiency in Python or Rust programming languages and experience with secure coding practices in these languages
Experience securing CI/CD pipelines and implementing DevSecOps practices
Familiarity with software supply chain security and SBOM generation tools
Experience with security testing tools (e.g., Burp Suite, OWASP ZAP) and static/dynamic code analysis
Understanding of AI/ML security implications, particularly those outlined in the OWASP LLM Top 10
Excellent communication skills, able to explain complex security issues to both technical and non-technical audiences
Preferred Qualifications
Experience with cloud platforms (e.g., GCP, AWS, Azure) and their security features
Relevant security certifications (e.g., CSSLP, OSWE)
Background in data privacy and compliance regulations relevant to cloud-native applications and AI systems
Experience with GitOps and infrastructure-as-code security
Familiarity with federated learning and privacy-preserving machine learning techniques
Bonus Skills
Experience in building custom security tooling to enhance and automate security processes
Interest in leveraging AI to automate security tasks and improve efficiency
Contributions to open-source security projects or tools
Experience in securing AI/ML models and data pipelines
Annual Salary Range
$180,000 - $440,000 USD
xAI is an equal opportunity employer and does not unlawfully discriminate based on race, color, religion, ethnicity, ancestry, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, age, disability, medical conditions, genetic information, marital status, military or veteran status, or any other applicable legally protected characteristics.
Qualified applicants with arrest or conviction records will be considered for employment in accordance with all applicable federal, state, and local laws, including the San Francisco Fair Chance Ordinance, Los Angeles County Fair Chance Ordinance for Employers, and the California Fair Chance Act.
For Los Angeles County (unincorporated) Candidates:
xAI reasonably believes that criminal history may have a direct, adverse and negative relationship on the following job duties, potentially resulting in the withdrawal of a conditional offer of employment:
Access to information technology systems and confidential information, including proprietary and trade secret information, and/or user data;
Interacting with internal and/or external clients and colleagues;